| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 20 Jan 2008 05:47:13 -0500
From: Vlad Yasevich <vyasevich@...izon.net>
To: David Miller <davem@...emloft.net>
Cc: akpm@...ux-foundation.org, netdev@...r.kernel.org
Subject: Re: sctp use-uninitialized warning in net-2.6.25
David Miller wrote:
> From: Vlad Yasevich <vladislav.yasevich@...com>
> Date: Fri, 18 Jan 2008 21:17:56 -0500
>
>> Hmm... in the code I am looking at, it's set in both zero and
>> non-zero cases so it does solve the issue.
>>
>> So does initializing it to NO_ERROR like you did.
>
> Here is the code block in question in net-2.6.25:
>
> /* Verify the INIT chunk before processing it. */
> err_chunk = NULL;
> if (!sctp_verify_init(asoc, chunk->chunk_hdr->type,
> (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
> &err_chunk)) {
> ...
> if (err_chunk) {
> ...
> if (packet) {
> sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
> SCTP_PACKET(packet));
> SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS);
> error = SCTP_ERROR_INV_PARAM;
> } else {
> error = SCTP_ERROR_NO_RESOURCE;
> }
> }
> ...
> return sctp_stop_t1_and_abort(commands, error, ECONNREFUSED,
> asoc, chunk->transport);
>
> If err_chunk == NULL at the "if (err_chunk)" test, error
> will be left uninitialized, even after being moved as you
> have suggested (right after the sctp_verify_init() call).
>
> Thanks.
>
Hi David
Thanks for beating into my thick scull that this is in 2.6.25. I missed that
initially.
Anyway, here is a patch that sets the correct value.
-vlad
View attachment "0001-SCTP-Correctly-initialize-error-when-parameter-val.patch" of type "text/x-patch" (1822 bytes)
Powered by blists - more mailing lists